Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   9747 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

NG_TCPMSS(4)		 BSD Kernel Interfaces Manual		  NG_TCPMSS(4)

NAME
     ng_tcpmss — netgraph node to adjust TCP MSS option

SYNOPSIS
     #include <netgraph.h>
     #include <netgraph/ng_tcpmss.h>

DESCRIPTION
     The tcpmss node type is designed to alter the Maximum Segment Size option
     of TCP packets.  This node accepts an arbitrary number of hooks.  Ini‐
     tially a new hook is considered unconfigured.  The NG_TCPMSS_CONFIG con‐
     trol message is used to configure a hook.

CONTROL MESSAGES
     This node type supports the generic control messages, plus the following.

     NGM_TCPMSS_CONFIG (config)
	     This control message configures node to do given MSS adjusting on
	     a particular hook.	 It requires the struct ng_tcpmss_config to be
	     supplied as an argument:

	     struct ng_tcpmss_config {
		     char	     inHook[NG_HOOKSIZ];
		     char	     outHook[NG_HOOKSIZ];
		     uint16_t	     maxMSS;
	     }

	     This means: packets received on inHook would be checked for TCP
	     MSS option and the latter would be reduced down to maxMSS if it
	     exceeds maxMSS.  After that, packets would be sent to hook
	     outHook.

     NGM_TCPMSS_GET_STATS (getstats)
	     This control message obtains statistics for a given hook.	The
	     statistics are returned in struct ng_tcpmss_hookstat:

	     struct ng_tcpmss_hookstat {
		     uint64_t	     Octets;	     /* total bytes */
		     uint64_t	     Packets;	     /* total packets */
		     uint16_t	     maxMSS;	     /* maximum MSS */
		     uint64_t	     SYNPkts;	     /* TCP SYN packets */
		     uint64_t	     FixedPkts;	     /* changed packets */
	     };

     NGM_TCPMSS_CLR_STATS (clrstats)
	     This control message clears statistics for a given hook.

     NGM_TCPMSS_GETCLR_STATS (getclrstats)
	     This control message obtains and clears statistics for a given
	     hook.

EXAMPLES
     In the following example, packets are injected into the tcpmss node using
     the ng_ipfw(4) node.

	   # Create tcpmss node and connect it to ng_ipfw node
	   ngctl mkpeer ipfw: tcpmss 100 qqq

	   # Adjust MSS to 1452
	   ngctl msg ipfw:100 config '{ inHook="qqq" outHook="qqq" maxMSS=1452 }'

	   # Divert traffic into tcpmss node
	   ipfw add 300 netgraph 100 tcp from any to any tcpflags syn out via fxp0

	   # Let packets continue with ipfw after being hacked
	   sysctl net.inet.ip.fw.one_pass=0

SHUTDOWN
     This node shuts down upon receipt of an NGM_SHUTDOWN control message, or
     when all hooks have been disconnected.

SEE ALSO
     netgraph(4), ng_ipfw(4)

HISTORY
     The ng_tcpmss node type was implemented in FreeBSD 6.0.

AUTHORS
     Alexey Popov ⟨lollypop@flexuser.ru⟩
     Gleb Smirnoff ⟨glebius@FreeBSD.org⟩

BUGS
     When running on SMP, system statistics may be broken.

BSD				 June 9, 2005				   BSD

Vote for polarhome